/**
 * @fileoverview Provides easy encryption/decryption methods using AES 256 GCM.
 */

 'use strict';

 const crypto = require('crypto');
 
 const ALGORITHM = 'aes-256-gcm';
 const BLOCK_SIZE_BYTES = 32; // 128 bit
 
 /**
  * Provides easy encryption/decryption methods using AES 256 GCM.
  */
 class Aes256Gcm {
   /**
    * No need to run the constructor. The class only has static methods.
    */
   constructor() { }
 
   /**
    * Encrypts text with AES 256 GCM.
    * @param {string} text - Cleartext to encode.
    * @param {string} secret - Shared secret key, must be 32 bytes.
    * @returns {object}
    */
   static encrypt(text, secret) {
     const iv = crypto.randomBytes(BLOCK_SIZE_BYTES);
     const cipher = crypto.createCipheriv(ALGORITHM, secret, iv);
    console.log(cipher)
     let ciphertext = cipher.update(text, 'utf8', 'base64');
     ciphertext += cipher.final('base64');
     return {
       ciphertext,
       iv: iv.toString('base64'),
       tag: cipher.getAuthTag().toString('base64'),
     };
   }
 
   /**
    * Decrypts AES 256 CGM encrypted text.
    * @param {string} ciphertext - Base64-encoded ciphertext.
    * @param {string} iv - The base64-encoded initialization vector.
    * @param {string} tag - The base64-encoded authentication tag generated by getAuthTag().
    * @param {string} secret - Shared secret key, must be 32 bytes.
    * @returns {string}
    */
   static decrypt(ciphertext, iv, tag, secret) {
     const decipher = crypto.createDecipheriv(ALGORITHM, secret, Buffer.from(iv, 'base64'));
     decipher.setAuthTag(Buffer.from(tag, 'base64'));
 
     let cleartext = decipher.update(ciphertext, 'base64', 'utf8');
     cleartext += decipher.final('utf8');
 
     return cleartext;
   }
 }
 
 module.exports = Aes256Gcm;